TY - GEN
T1 - Verification and maintenance of e-Voting systems and standards
AU - Gibson, Paul
AU - Mcgaley, Margaret
PY - 2008/12/1
Y1 - 2008/12/1
N2 - E-voting systems should be verified to be fit-for-purpose before being deployed, but there is a serious lack of provision for verification and maintenance in existing standards and recommendations for evoting. A change to requirements,or to the system, usually results in the previously established fitness-forpurpose being compromised. Therefore change must be managed, and standards documents must make provision for their own maintenance. Verification is a process of establishing a relationship between what is required of the system and properties of the actual system. It is good practice that an independent authority be responsible for verification of systems against requirements. It must be possible to determine whether a given authority can be trusted to fulfil this task competently. Thus, requirements documents must not only say what standards are to be met, but must also state the minimum capabilities expected of any testing authority. The whole e-voting system development process is prone to human-error. This applies to the requirements, standards and the systems they describe. We must introduce suitable procedures for dealing with these errors, including the identification of responsible parties. We must also ensure that there is adequate incentive for the correction of errors. If maintenance of systems requires expensive recertification, there is a risk that vendors will not make necessary changes to their systems (to avoid recertification) or will make changes without having the systems recertified. Error discovery is notthe only agent of change for requirements and systems. For example, the introduction of new legislation, new election types, or new technology will have direct consequences. This requires careful co-ordination between all concerned parties.Whenever a system changes, whatever the surrounding circumstances, it must be tested and re-certified. However, if the system under evaluation has been wellengineered, it may not be necessary to begin again with every modification. In this paper we examine what it means for a system to be well-engineered and propose maintenance procedures specific to the problem of evoting.
AB - E-voting systems should be verified to be fit-for-purpose before being deployed, but there is a serious lack of provision for verification and maintenance in existing standards and recommendations for evoting. A change to requirements,or to the system, usually results in the previously established fitness-forpurpose being compromised. Therefore change must be managed, and standards documents must make provision for their own maintenance. Verification is a process of establishing a relationship between what is required of the system and properties of the actual system. It is good practice that an independent authority be responsible for verification of systems against requirements. It must be possible to determine whether a given authority can be trusted to fulfil this task competently. Thus, requirements documents must not only say what standards are to be met, but must also state the minimum capabilities expected of any testing authority. The whole e-voting system development process is prone to human-error. This applies to the requirements, standards and the systems they describe. We must introduce suitable procedures for dealing with these errors, including the identification of responsible parties. We must also ensure that there is adequate incentive for the correction of errors. If maintenance of systems requires expensive recertification, there is a risk that vendors will not make necessary changes to their systems (to avoid recertification) or will make changes without having the systems recertified. Error discovery is notthe only agent of change for requirements and systems. For example, the introduction of new legislation, new election types, or new technology will have direct consequences. This requires careful co-ordination between all concerned parties.Whenever a system changes, whatever the surrounding circumstances, it must be tested and re-certified. However, if the system under evaluation has been wellengineered, it may not be necessary to begin again with every modification. In this paper we examine what it means for a system to be well-engineered and propose maintenance procedures specific to the problem of evoting.
KW - Certification
KW - Electronic voting
KW - Maintenance
KW - Standards
KW - Testing
UR - https://www.scopus.com/pages/publications/84871888784
M3 - Conference contribution
AN - SCOPUS:84871888784
SN - 9781906638085
T3 - Proceedings of the European Conference on e-Government, ECEG
SP - 283
EP - 290
BT - Proceedings of the 8th European Conference on e-Government, ECEG 2008
T2 - 8th European Conference on e-Government, ECEG 2008
Y2 - 10 July 2008 through 11 July 2008
ER -